Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a96ac3-3990-45aa-b48e-870cc5f43cd5/1/3Ecxk2P7e71r675s-iUcdql5m18.roa
File: 3Ecxk2P7e71r675s-iUcdql5m18.roa (raw, json)
Hash identifier: T89HhXcDe17TB/b7r8oC0290hjOpZyi3qRar9s99IcM=
Subject key identifier: DC:47:31:93:63:FB:7B:BD:6B:EB:BE:6C:FA:25:1C:76:A9:79:9B:5F
Certificate issuer: /CN=8032c07faa22feb5969ff1f3b4905d1ea1e4deeb
Certificate serial: 0194258F28B72425494789EB09F79A103962
Authority key identifier: 80:32:C0:7F:AA:22:FE:B5:96:9F:F1:F3:B4:90:5D:1E:A1:E4:DE:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gDLAf6oi_rWWn_HztJBdHqHk3us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a96ac3-3990-45aa-b48e-870cc5f43cd5/1/3Ecxk2P7e71r675s-iUcdql5m18.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31317
IP address blocks: 2001:67c:10b0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:28:b7:24:25:49:47:89:eb:09:f7:9a:10:39:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8032c07faa22feb5969ff1f3b4905d1ea1e4deeb
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc47319363fb7bbd6bebbe6cfa251c76a9799b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2e:4c:69:ee:ac:5f:10:a7:30:3b:06:db:db:
6f:c0:ad:0c:a9:a8:63:c7:9b:c2:2c:21:1f:50:55:
f0:0c:23:c0:94:43:c7:68:4c:21:e3:67:76:b1:e3:
d5:98:7a:01:e8:05:3c:59:ce:bd:2e:9b:ea:4c:14:
67:1f:6d:54:81:f4:1d:5c:64:a0:8f:19:3c:ec:fe:
d3:f0:6e:1a:a6:b6:16:8a:d3:77:97:f3:95:2e:cb:
eb:62:90:b6:00:1f:86:91:0f:79:c4:c7:86:ac:ea:
43:77:32:9f:80:cc:ab:93:b3:4d:95:72:4b:ec:f3:
e8:df:20:6a:de:77:52:bc:2d:7d:29:6b:33:6d:ed:
39:32:d2:fe:10:91:0b:77:cd:f8:2f:e9:81:1f:65:
da:2e:ae:04:fa:93:0c:e7:b0:c9:28:fa:1d:f4:c7:
df:dd:e9:c0:ea:c1:40:6e:02:f5:64:d5:2f:e9:ae:
6a:24:9d:23:d6:61:c7:11:6f:3a:d8:e1:59:ba:6f:
64:22:bd:1a:a7:a8:dd:64:be:b0:d0:e1:74:07:5e:
6a:d7:38:f5:d3:3d:00:da:91:2c:00:e9:51:9a:59:
c7:48:7f:85:00:a5:88:85:91:34:e9:16:9f:89:35:
4e:0d:11:09:7a:8a:cf:b4:da:2a:87:9e:40:a9:c4:
a1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:47:31:93:63:FB:7B:BD:6B:EB:BE:6C:FA:25:1C:76:A9:79:9B:5F
X509v3 Authority Key Identifier:
keyid:80:32:C0:7F:AA:22:FE:B5:96:9F:F1:F3:B4:90:5D:1E:A1:E4:DE:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gDLAf6oi_rWWn_HztJBdHqHk3us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a96ac3-3990-45aa-b48e-870cc5f43cd5/1/3Ecxk2P7e71r675s-iUcdql5m18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a96ac3-3990-45aa-b48e-870cc5f43cd5/1/gDLAf6oi_rWWn_HztJBdHqHk3us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:10b0::/48
Signature Algorithm: sha256WithRSAEncryption
3b:2a:e1:56:d0:84:8e:f2:eb:15:ed:b6:9a:0c:ac:bc:ee:19:
15:ac:02:80:f0:4c:54:a4:3d:0d:38:8e:52:bc:d0:ed:cd:b0:
22:6d:3a:9e:5b:33:ce:26:71:7e:2f:c1:00:0a:a2:18:f2:1f:
88:9e:e6:38:d5:bc:67:f0:33:fc:59:de:d3:ad:2b:ec:ea:a7:
f9:d0:17:a4:d2:fc:d6:8e:3e:0e:b2:b0:ec:5c:6b:e2:d1:79:
5b:62:7a:1f:9d:c5:b8:35:34:e8:9d:11:1b:87:83:aa:34:f3:
b0:b9:63:b1:35:9c:81:08:66:f1:d2:3f:13:bd:d9:78:76:45:
a2:2d:9e:7d:b6:c8:c8:31:06:3a:9c:df:93:b5:e1:31:a5:f7:
fe:82:48:a4:52:b7:29:fd:19:8e:84:a7:61:cd:17:6d:ad:8c:
fe:72:f2:ab:e8:72:61:47:e6:c8:dc:16:8d:3a:13:f8:40:db:
de:16:9f:fa:8f:c8:96:d7:89:06:4e:20:c0:99:85:aa:ff:e1:
2d:dd:02:61:6d:0b:39:bd:d3:65:c8:01:64:18:00:bf:58:0e:
fa:98:6d:09:58:bd:6d:8e:2f:2c:46:7d:9a:bd:a0:a1:32:cb:
da:48:1b:51:68:3a:0b:63:73:34:83:46:f5:1d:27:f2:9f:88:
2d:41:cb:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljyi3JCVJR4nrCfeaEDliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMzJjMDdmYWEyMmZlYjU5NjlmZjFmM2I0OTA1ZDFlYTFl
NGRlZWIwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ3MzE5MzYzZmI3YmJkNmJlYmJlNmNmYTI1MWM3NmE5Nzk5YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS5Mae6sXxCnMDsG29tvwK0Mqahj
x5vCLCEfUFXwDCPAlEPHaEwh42d2sePVmHoB6AU8Wc69LpvqTBRnH21UgfQdXGSg
jxk87P7T8G4aprYWitN3l/OVLsvrYpC2AB+GkQ95xMeGrOpDdzKfgMyrk7NNlXJL
7PPo3yBq3ndSvC19KWszbe05MtL+EJELd834L+mBH2XaLq4E+pMM57DJKPod9Mff
3enA6sFAbgL1ZNUv6a5qJJ0j1mHHEW862OFZum9kIr0ap6jdZL6w0OF0B15q1zj1
0z0A2pEsAOlRmlnHSH+FAKWIhZE06RafiTVODREJeorPtNoqh55AqcShfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNxHMZNj+3u9a+u+bPolHHapeZtfMB8GA1UdIwQY
MBaAFIAywH+qIv61lp/x87SQXR6h5N7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0RMQWY2b2lfcldXbl9IenRKQmRIcUhrM3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOTZhYzMtMzk5MC00NWFhLWI0OGUt
ODcwY2M1ZjQzY2Q1LzEvM0VjeGsyUDdlNzFyNjc1cy1pVWNkcWw1bTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOTZhYzMtMzk5MC00NWFhLWI0OGUtODcwY2M1ZjQzY2Q1
LzEvZ0RMQWY2b2lfcldXbl9IenRKQmRIcUhrM3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBCw
MA0GCSqGSIb3DQEBCwUAA4IBAQA7KuFW0ISO8usV7baaDKy87hkVrAKA8ExUpD0N
OI5SvNDtzbAibTqeWzPOJnF+L8EACqIY8h+InuY41bxn8DP8Wd7TrSvs6qf50Bek
0vzWjj4OsrDsXGvi0XlbYnofncW4NTTonREbh4OqNPOwuWOxNZyBCGbx0j8Tvdl4
dkWiLZ59tsjIMQY6nN+TteExpff+gkikUrcp/RmOhKdhzRdtrYz+cvKr6HJhR+bI
3BaNOhP4QNveFp/6j8iW14kGTiDAmYWq/+Et3QJhbQs5vdNlyAFkGAC/WA76mG0J
WL1tji8sRn2avaChMsvaSBtRaDoLY3M0g0b1HSfyn4gtQctI
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:15:46 2025 by rpki-client